FTP/SSL: Difference between revisions
(New page: FTP/SSL (FTPS) is essentially File Transter Protocol over TLS/SSL. Both the control and data connections are encrypted, unlike normal FTP where both are in the clear. IANA ha...) |
No edit summary |
||
Line 12: | Line 12: | ||
== External Links == | == External Links == | ||
[http://tools.ietf.org/html/rfc4217 RFC 4217 - Securing FTP with TLS] | * [http://tools.ietf.org/html/rfc4217 RFC 4217 - Securing FTP with TLS] | ||
[http://www.iana.org/assignments/port-numbers IANA Port Assignments] | * [http://www.iana.org/assignments/port-numbers IANA Port Assignments] |
Latest revision as of 19:28, 21 August 2008
FTP/SSL (FTPS) is essentially File Transfer Protocol over TLS/SSL. Both the control and data connections are encrypted, unlike normal FTP where both are in the clear. IANA has assigned the following port numbers to FTPS:
 ftps-data  989/tcp  ftp protocol, data, over TLS/SSL
 ftps-data  989/udp  ftp protocol, data, over TLS/SSL
 ftps       990/tcp  ftp protocol, control, over TLS/SSL
 ftps       990/udp  ftp protocol, control, over TLS/SSL
Firewall Problems
As Wikipedia states, FTPS causes several problems with firewalls: because the control connection is encrypted, application-layer gateways (ALGs) cannot glean the port number issued in the PORT command and so cannot dynamically open a child session for the data connection. Normally passive mode will work around this, if outbound connectivity to all ports above 1024 is allowed to the server. If this is not the case, passive mode will not work either, and all TCP ports above 1024 will need to be opened.
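
The following sketch is an added example, not part of the original page. It shows the parsing step a firewall ALG performs on a cleartext FTP control channel and why the same step yields nothing once the channel is wrapped in TLS. The function names and sample payloads are constructed for illustration.

```python
import re
from typing import Optional, Tuple

# Six comma-separated decimal octets: h1,h2,h3,h4,p1,p2 (RFC 959 PORT / 227 reply).
_HOSTPORT = re.compile(rb"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def looks_like_tls_record(payload: bytes) -> bool:
    """True if the bytes start with a TLS record header (type, version 3.x, length)."""
    return (len(payload) >= 5
            and payload[0] in (20, 21, 22, 23)   # CCS, alert, handshake, app data
            and payload[1] == 3)

def alg_extract_data_endpoint(payload: bytes) -> Optional[Tuple[str, int]]:
    """Return (ip, port) of the data connection if the ALG can read it, else None."""
    if looks_like_tls_record(payload):
        return None                      # encrypted control channel: nothing to parse
    line = payload.strip()
    if not (line.upper().startswith(b"PORT ") or line.startswith(b"227 ")):
        return None                      # not a command/reply that names a data port
    m = _HOSTPORT.search(line)
    if m is None:
        return None
    octets = [int(x) for x in m.groups()]
    if any(o > 255 for o in octets):
        return None                      # malformed address or port bytes
    ip = ".".join(str(o) for o in octets[:4])
    port = octets[4] * 256 + octets[5]   # port = p1 * 256 + p2
    return ip, port

# Constructed sample control-channel payloads (not captured traffic).
CLEAR_PORT = b"PORT 192,0,2,10,195,80\r\n"
CLEAR_PASV = b"227 Entering Passive Mode (198,51,100,7,4,1)\r\n"
# TLS application-data record header (type 23, TLS 1.2) followed by opaque bytes.
TLS_RECORD = bytes([23, 3, 3, 0, 8]) + bytes.fromhex("9f3ac1e4770b52d8")

if __name__ == "__main__":
    for sample in (CLEAR_PORT, CLEAR_PASV, TLS_RECORD):
        print(alg_extract_data_endpoint(sample))
```

With plain FTP the ALG learns the exact data port and can open only that one; with FTPS it gets `None`, which is why the firewall falls back to a static rule covering the server's whole passive port range.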